General
Target: 1af1497969678ba22eb299b995b7a679.js
Size: 20KB
Sample: 220907-l4hz3abfh9
MD5: e3ed1b8a38cef520ea0bc00d1f908a79
SHA1: ba2d8c8663bfa26439ecebaa96d57b377f0957f8
SHA256: 0c0503adf360446d87f864d494a074a63367c3a772baee464f9bfcf64119c577
SHA512: 266dbc18d9854f563857f4a0d8443694722bcefad00d27acac6fa54d2b95274bc26817308ca7dc9d7d5e6bd1172fc1e961b72b7ae9a9838e59a186cb63109eaf
SSDEEP: 384:4bNrwtBCR19G5XMmIy8L/VfOepHxJqffrqFWQ5fyE0hCFJOzRPMqGmN3TG9OP:6pw+R19GmU8L/VfOGHnqffrqsQxp0hLb
Static task: static1
Behavioral task: behavioral1
Sample: 1af1497969678ba22eb299b995b7a679.js
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 1af1497969678ba22eb299b995b7a679.js
Resource: win10v2004-20220901-en
Malware Config
Extracted
vjw0rm
http://185.157.162.75:2223
Targets
Target: 1af1497969678ba22eb299b995b7a679.js
Score: 10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application